The new regex matching stuff rocks... except it's missing one thing

Ian Hobson ian at
Thu Mar 12 01:30:07 MSK 2009

mike wrote:
> The auth stuff doesn't support it.
> Any ideas on how to support dynamically populating the
> auth_basic_user_file? Is this a quick and dirty thing? That'd be
> awesome if it was.
>                location ~* ^/foo/private/(.*) {
>                        alias /home/foo/web/private/$1/;
>                        auth_basic "Restricted files";
>                        auth_basic_user_file /home/foo/web/private/$1/.htpasswd;
>                }
> 2009/03/11 16:16:39 [crit] 14097#0: *11 open()
> "/home/foo/web/private/$1/.htpasswd" failed (2: No such file or
> directory), client:, server:, request: "GET
> /foo/private/demo-video/ HTTP/1.1", host: ""
I would have thought a new param, to list the users who were permitted 
to authenticate would be more flexible. That way, you have one password 
file, and only one password to change for a user who has access to 
multiple areas.

permit_user <list>;   and deny_user <list>;   perhaps.

And why risk having your password file in your web tree?



More information about the nginx mailing list